The three quarantined malware threats used SMS messages to deliver their malicious payloads, demonstrating the growing need for protection beyond controlling the app store environment.
-- Fake Bank (privacy.SmsServices.a): The most potentially dangerous of the three, Fake Bank masquerades as a banking application, only to steal users' accounts and passwords, block or upload their text messages, send fraudulent messages, and block incoming calls.
-- Group Scammer (privacy.Cckun.a): After users clicked a malicious link in an SMS message, the infected device could be remotely controlled to spread the infection through group messages. At the same time, a third-party application with the ability to send premium messages without the user's consent could be installed on the device, leading to additional bill charges.
-- Fee Server (payment.ZooTiger.a): This threat delivered multiple malicious payloads, uploading users' private contact lists to the server, delivering unwanted advertising to users' inboxes and connecting to fee-based services via SMS and WAP resulting in unexpected bill charges.
The early detection of these threats confined infection to fewer than 20,000 devices.
The newly discovered threats follow just days after discover of a.privacy.SmsManager.a (Privacy Leaker) and a.payment.Sexyapp.a (SMS Fraudster), which risked mobile users' privacy and caused fraudulent bill charges.
NQ Mobile Security(TM) for Android is available for download at http://www.nq.com/mobilesecurity and on Google Play.
About NQ Mobile
NQ Mobile Inc. (NYSE: NQ) is a leading global provider of mobile Internet services. NQ Mobile is a mobile security pioneer with proven competency to acquire, engage, and monetize customers globally. NQ Mobile's portfolio includes mobile security and mobile games as well as advertising for the consumer market and consulting, mobile platforms and mobility services for the enterprise market. As of June 30, 2013, NQ Mobile maintained a large, global user base of